Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
File:                     TuwmeuLxv5Xm16FCCA5d96MTlJI.mft (raw, json)
Hash identifier:          DKa6f9d+YcI9+3F25TMN833jIs2tvyTzJOqw1Mx7aMM=
Subject key identifier:   A2:C1:C4:84:B4:AA:E9:FD:76:24:6F:DF:18:CD:E4:30:BF:06:78:46
Authority key identifier: 4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92
Certificate issuer:       /CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
Certificate serial:       01975C4A26C5EF1C3DFC287C7973490D338A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
Manifest number:          0A69
Signing time:             Wed 11 Jun 2025 00:00:52 +0000
Manifest this update:     Wed 11 Jun 2025 00:00:52 +0000
Manifest next update:     Thu 12 Jun 2025 00:00:52 +0000
Files and hashes:         1: TuwmeuLxv5Xm16FCCA5d96MTlJI.crl (hash: x7YGHjAXRNiXEAh50cZbv+GkeH8e5639jLXfQD75NRA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 20:45:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:4a:26:c5:ef:1c:3d:fc:28:7c:79:73:49:0d:33:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
        Validity
            Not Before: Jun 11 00:00:52 2025 GMT
            Not After : Jun 12 00:00:52 2025 GMT
        Subject: CN=a2c1c484b4aae9fd76246fdf18cde430bf067846
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:22:de:2a:76:5a:2e:8b:9b:2a:5b:11:00:a6:
                    e8:b7:59:98:f9:32:f1:d3:49:be:07:47:bf:53:c0:
                    26:14:87:1b:8f:6c:18:7a:34:70:93:b5:dc:e2:8f:
                    a3:90:33:93:00:c3:c6:3d:4e:14:e3:aa:a1:33:59:
                    e7:b8:ed:4b:a5:56:4a:3b:56:5e:f4:84:85:0d:b2:
                    b2:7e:72:ab:25:52:c7:f1:4d:82:6e:34:16:de:97:
                    83:69:1d:41:f7:79:a1:2d:8c:a4:37:96:e2:a5:b2:
                    df:b2:47:86:4c:3f:6a:d0:a7:09:62:eb:8c:14:50:
                    53:98:33:48:c9:cb:17:ab:e9:b3:3e:c0:60:da:c1:
                    14:9e:d2:8b:74:d0:f2:fc:ed:ed:d6:6e:00:e0:a3:
                    c6:e9:35:4d:82:e1:3c:f8:27:89:59:4c:66:34:71:
                    29:be:f2:00:91:e9:0e:04:80:8c:05:68:0c:26:82:
                    29:1b:61:73:75:9f:50:76:bd:8a:e2:9b:13:28:dc:
                    f4:ab:7f:9f:ce:8a:82:df:27:5f:20:d3:40:e8:c1:
                    89:1b:d3:4d:5c:38:9d:84:20:41:ea:99:a6:b3:e9:
                    e6:2e:2f:08:e4:c4:fa:7a:75:a9:22:8a:e3:21:15:
                    1f:d6:92:d5:a3:e9:0d:37:ec:c1:54:52:8d:78:78:
                    00:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C1:C4:84:B4:AA:E9:FD:76:24:6F:DF:18:CD:E4:30:BF:06:78:46
            X509v3 Authority Key Identifier:
                keyid:4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:4c:9c:c7:ea:46:0c:ca:8e:0d:14:2e:1d:b9:19:63:fa:16:
         12:09:ee:b6:e8:ca:fc:2e:19:f6:48:9c:fe:f4:98:cf:c2:4e:
         22:67:14:d1:b7:79:6c:01:86:64:3f:e0:92:98:64:d8:8e:98:
         cd:b6:ff:60:38:d7:ad:19:df:07:74:42:bf:6d:20:fd:21:21:
         51:07:37:aa:5a:19:5f:07:ce:9e:ee:8b:aa:38:f9:a5:db:a8:
         39:0f:fe:23:e9:c6:b4:d1:f1:f4:4e:fb:ce:2a:d6:db:cb:63:
         94:9f:66:d0:10:5e:82:00:83:26:e7:c9:dd:75:8b:0f:95:1a:
         43:4a:a7:88:97:e4:7d:3f:3a:e6:7b:ac:1c:37:ea:6e:0e:1c:
         94:1e:68:2a:c8:5e:d2:91:5b:40:6e:e5:61:2e:95:52:dd:01:
         95:5f:47:50:cf:95:11:66:94:dd:b7:2c:5a:5d:d1:44:fd:ab:
         51:74:67:c4:37:fa:60:26:e0:34:5d:d2:b4:c5:7d:e8:5e:8d:
         43:dc:b2:a4:c7:ad:03:d3:43:5b:6c:f4:5b:95:e9:d7:88:23:
         95:89:7a:19:3a:da:0e:ae:b4:de:b7:3f:a8:e6:62:90:91:74:
         39:c0:c7:e9:bf:5b:1c:83:55:49:2e:59:16:49:c2:48:7a:5f:
         a6:dc:2f:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcSibF7xw9/Ch8eXNJDTOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWMyNjdhZTJmMWJmOTVlNmQ3YTE0MjA4MGU1ZGY3YTMx
Mzk0OTIwHhcNMjUwNjExMDAwMDUyWhcNMjUwNjEyMDAwMDUyWjAzMTEwLwYDVQQD
EyhhMmMxYzQ4NGI0YWFlOWZkNzYyNDZmZGYxOGNkZTQzMGJmMDY3ODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyLeKnZaLoubKlsRAKbot1mY+TLx
00m+B0e/U8AmFIcbj2wYejRwk7Xc4o+jkDOTAMPGPU4U46qhM1nnuO1LpVZKO1Ze
9ISFDbKyfnKrJVLH8U2CbjQW3peDaR1B93mhLYykN5bipbLfskeGTD9q0KcJYuuM
FFBTmDNIycsXq+mzPsBg2sEUntKLdNDy/O3t1m4A4KPG6TVNguE8+CeJWUxmNHEp
vvIAkekOBICMBWgMJoIpG2FzdZ9Qdr2K4psTKNz0q3+fzoqC3ydfINNA6MGJG9NN
XDidhCBB6pmms+nmLi8I5MT6enWpIorjIRUf1pLVo+kNN+zBVFKNeHgAaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLBxIS0qun9diRv3xjN5DC/BnhGMB8GA1UdIwQY
MBaAFE7sJnri8b+V5tehQggOXfejE5SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMt
NmI5NmM4MzYxMjY1LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMtNmI5NmM4MzYxMjY1
LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWEycx+pG
DMqODRQuHbkZY/oWEgnutujK/C4Z9kic/vSYz8JOImcU0bd5bAGGZD/gkphk2I6Y
zbb/YDjXrRnfB3RCv20g/SEhUQc3qloZXwfOnu6Lqjj5pduoOQ/+I+nGtNHx9E77
zirW28tjlJ9m0BBeggCDJufJ3XWLD5UaQ0qniJfkfT865nusHDfqbg4clB5oKshe
0pFbQG7lYS6VUt0BlV9HUM+VEWaU3bcsWl3RRP2rUXRnxDf6YCbgNF3StMV96F6N
Q9yypMetA9NDW2z0W5Xp14gjlYl6GTraDq603rc/qOZikJF0OcDH6b9bHINVSS5Z
FknCSHpfptwv7Q==
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:47:59 2025 by rpki-client